Since the uptake of smartphones has become more widespread, it is more than likely that your end users will require access to their corporate email via their smartphones. Whether or not the smartphone is company supplied . It is certainly a sensible idea to make sure that we have policies in place to protect our data should it end up in the wrong hands.
Exchange ActiveSync Mailbox PoliciesExchange 2010 has a feature called “Exchange ActiveSync Mailbox Policies”. You can find this in the Exchange Management Console, within the “Organization Configuration\Client Access” node from the tree view. You will notice that within the Exchange ActiveSync Mailbox Policies tab, you can create multiple policies – these can then be applied to different groups of users. I just want a common policy throughout my entire organization, so I will just modify the default policy that is already listed.
Once a compatible ActiveSync device is synchronized with your Exchange organization, the appropriate policy will be applied, and the smartphone will react accordingly. It should be noted though that these policies do not apply to all devices , so it’s important to check it out first. The vast majority of smartphones in our organization are iPhones – Apple published a list of the supported policies on their developer site.
Exchange Remote WipeShould the inevitable happen, and a user loses their phone with all their company emails and trade secrets on it, and it doesn’t look like it’s coming back any time soon, we have a couple of ways of performing a remote device wipe. Firstly, the end user can do it on their own via Outlook Web Access (great if they lose the device when the helpdesk isn’t yet open!). The user will need to log into OWA, and select options from the top right, then select “see all options” from the menu. Once you’re in the OWA options screen, select phone from the right, and you should be presented with a list of mobile devices associated with your Exchange account. From the list of devices, simply select the device in question, and click the “wipe device button”.
Chances are that the end users will just ring the helpdesk to request that the device be remotely wiped. An Exchange administrator can easily do this from the Exchange Management Console. Navigate to the Recipient Configuration\Mailbox node from the tree view. In the main area of the console, right click the user in question, then select “manage mobile phone” from the context menu. You will be presented with a list of mobile devices that are associated with the user’s Exchange account – select the appropriate device, click the “remote wipe” radio button, then click the “clear” button.